as Konrad already said, With header authentication there is no password. One adds the authentication headers containing username and user directory to the http requests and is "authenticated" as this user without any further action needed/possible.

I did always think of this authentication method to be useful for debugging but not for production environments. With browser extensions like Modify Headers for FireFox you can easily add the required headers to your browser's requests and impersonate any user...

as Konrad already said, With header authentication there is no password. One adds the authentication headers containing username and user directory to the http requests and is "authenticated" as this user without any further action needed/possible.

I did always think of this authentication method to be useful for debugging but not for production environments. With browser extensions like Modify Headers for FireFox you can easily add the required headers to your browser's requests and impersonate any user...

Best regards

Reply to this message by replying to this email, or go to the message on Qlik Community

Start a new discussion in Qlik Sense - Integration, Extensions and APIs by email or at Qlik Community